General

  • Target

    50280ade0a3242129bbfdf499a5fc1f55cbf702ab87b9797a54b0bec71092193

  • Size

    9.3MB

  • MD5

    e3911f063841bf8fbf8beefe281c2b28

  • SHA1

    82fd3f4228281d2690ba79968fb86734de21301f

  • SHA256

    50280ade0a3242129bbfdf499a5fc1f55cbf702ab87b9797a54b0bec71092193

  • SHA512

    6c0a6453df9225a49f598d9f83a14bcd5bd6efea177996e9d827caed421ecaf6717e331f1a99debf1f628002363b0a107f5d821a202d6f3fed4d3c1efc002238

  • SSDEEP

    196608:yjDK1hVvNv/JqYellHXqfCr8QiqQyzcoXaz29+1Ta+Qjmaa3tZvz:yC1h1NvjellHaf28QQScFa+Qaaa3Lvz

Score
10/10

Malware Config

Signatures

  • Irata family
  • Irata payload (1 IoC)
  • Requests dangerous framework permissions (1 IoC)

Files

  • 50280ade0a3242129bbfdf499a5fc1f55cbf702ab87b9797a54b0bec71092193
    .apk android

    forat.group.halva

    .main


Android Permissions

50280ade0a3242129bbfdf499a5fc1f55cbf702ab87b9797a54b0bec71092193

Permissions

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.FOREGROUND_SERVICE

android.permission.ACCESS_NETWORK_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.ACCESS_WIFI_STATE

aandroid.permission.RECEIVE_BOOT_COMPLETED

forat.group.halva.permission.C2D_MESSAGE

com.google.android.c2dm.permission.RECEIVE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED